[asterisk-users] asterisk as non root

Atux Atux atuxnull at gmail.com
Wed Apr 19 11:48:29 CDT 2017 

Hi.
Here is the output of the command

root at pbx: ~ $  find / -name asterisk -exec ls -ld '{}' \;
drwxr-xr-x 3 root root 4096 Apr 19 17:32 /usr/include/asterisk
drwxr-x--- 3 asterisk asterisk 4096 Apr 19 17:32 /usr/lib/asterisk
-rwxr-xr-x 1 root root 9719880 Apr 19 17:27
/usr/src/asterisk-11.25.1/main/asterisk
drwxrwxr-x 3 1013 users 4096 Apr 19 16:56
/usr/src/asterisk-11.25.1/include/asterisk
-rwxr-xr-x 1 root root 9719880 Apr 19 17:32 /usr/sbin/asterisk
root at pbx: ~ $


On Wed, Apr 19, 2017 at 5:03 PM, Tzafrir Cohen <tzafrir.cohen at xorcom.com>
wrote:

> On Wed, Apr 19, 2017 at 04:44:39PM +0300, Atux Atux wrote:
> > hello there. i am running debian 8 in my swerver and i would like to run
> > asterisk as non root.
>
> The Asterisk package included with Debian already does that. Why not
> have a look at it?
>
> > i did follow the
> > https://www.voip-info.org/wiki-Asterisk+non-root without any success.
> when
> > i issue
> > root at PBX: ~ $ asterisk -U asterisk -G asterisk
>
> The options -U and -G are for the case of running Asterisk as root and
> having Asterisk change user and group afterwards. There are a number of
> options that only work that way (real-time priority, special socket
> permissions, IIRC).
>
> Alternatively you can use other mans to change to that user (--chuid or
> start-stop-daemon or User: and Group: in a systemd service file, or
> whatever). And then you don't need those options.
>
> > Privilege escalation protection disabled!
> > See https://wiki.asterisk.org/wiki/x/1gKfAQ for more details.
>
> Read that text. But it is irrelevant for your situation.
>
> > Unable to access the running directory (Permission denied). Changing to
> '/'
> > for compatibility.
>
> /root is not accessible by the user asterisk. This is mostly harmless,
> but not if you want to have core files (see also -g) and maybe a few
> other minor things.
>
> > Asterisk already running on /var/run/asterisk/asterisk.ctl. Use
> 'asterisk
> > -r' to connect.
>
> Because you already ran that command before. Or already have the system
> copy of asterisk running. Or whatever.
>
> Reading error messages helps.
>
> --
>                Tzafrir Cohen
> +972-50-7952406           mailto:tzafrir.cohen at xorcom.com
> http://www.xorcom.com
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at: https://community.asterisk.
> org/
>
> New to Asterisk? Start here:
>       https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20170419/4b162de1/attachment.html>

More information about the asterisk-users mailing list